Security.ssl-pinning

最新推荐文章于 2020-12-03 07:58:12 发布

weixin_34342207

最新推荐文章于 2020-12-03 07:58:12 发布

阅读量136

点赞数

文章标签：移动开发 php swift

原文链接：http://www.cnblogs.com/cwgk/p/6941419.html

版权

SSL Pinning

1. What's SSL Pinning?

"SSL Pinning is making sure the client checks the server’s certificate against a known copy of that certificate.

Simply bundle your server’s SSL certificate inside your application, and make sure any SSL request first validates

that the server’s certificate exactly matches the bundle’s certificate. " Ref[1]

"The method used to do this is: connection:willSendRequestForAuthenticationChallenge: inside the NSURLConnectionDelegate protocol.

This method gets called when an SSL connection is made, giving you, the programmer, a chance to inspect the authentication

challenge and either proceed or fail." Ref[1]

2. SSL Pinning in AFNetworking

Ref[9], Ref[8]

Reference

1. SSL Pinning for Increased App Security (Read Again) (AAAA)

https://possiblemobile.com/2013/03/ssl-pinning-for-increased-app-security/

2. How to make your iOS apps more secure with SSL pinning

https://infinum.co/the-capsized-eight/how-to-make-your-ios-apps-more-secure-with-ssl-pinning

3. ANDROID SSL PINNING USING OKHTTP

https://medium.com/@develodroid/android-ssl-pinning-using-okhttp-ca1239065616

4. SSL Pinning in UWP Apps

http://resources.infosecinstitute.com/ssl-pinning-in-uwp-apps/

5. Exploring SSL Pinning on iOS

https://nabla-c0d3.github.io/blog/2013/02/19/ios-pinning/

6. MITM ATTACKS & SSL PINNING: WHAT IS IT AND WHY YOU SHOULD CARE.

https://www.ionic.com/blog/mitm-attacks-ssl-pinning-what-is-it-and-why-you-should-care/

7. Android Security: SSL Pinning

https://medium.com/@appmattus/android-security-ssl-pinning-1db8acb6621e

8. About Public Key Pinning (To Read)

https://noncombatant.org/2015/05/01/about-http-public-key-pinning/

https://security.stackexchange.com/questions/29988/what-is-certificate-pinning

9. SSL MiTM attack in AFNetworking 2.5.1 - Do NOT use it in production! (To Read)

http://blog.mindedsecurity.com/2015/03/ssl-mitm-attack-in-afnetworking-251-do.html

10. How to make your iOS apps more secure with SSL pinning (To Read)

https://infinum.co/the-capsized-eight/how-to-make-your-ios-apps-more-secure-with-ssl-pinning

11. Certificate and Public Key Pinning (To Read)

https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning

12. Android Security: SSL Pinning

https://medium.com/@appmattus/android-security-ssl-pinning-1db8acb6621e

13. Certificate Pinning in a Mobile Application

https://blog.netspi.com/certificate-pinning-in-a-mobile-application/

14. How to make your iOS apps more secure with SSL pinning

https://infinum.co/the-capsized-eight/how-to-make-your-ios-apps-more-secure-with-ssl-pinning

15. 验证 HTTPS 请求的证书（五）

https://draveness.me/afnetworking5

16. Android Security: SSL Pinning

https://medium.com/@appmattus/android-security-ssl-pinning-1db8acb6621e

17. Prevent bypassing of SSL certificate pinning in iOS applications

https://www.guardsquare.com/en/blog/iOS-SSL-certificate-pinning-bypassing

18. SSL pinning in iOS - Swift edition

https://infinum.co/the-capsized-eight/ssl-pinning-revisited

转载于:https://www.cnblogs.com/cwgk/p/6941419.html

weixin_34342207

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
Security.ssl-pinning

SSL Pinning1. What's SSL Pinning?"SSL Pinning is making sure the client checks the server’s certificate against a known copy of that certificate.Simply bundle your server’s SSL certificate in...
复制链接

扫一扫

评论

被折叠的条评论为什么被折叠?

到【灌水乐园】发言

查看更多评论

添加红包

成就一亿技术人!

hope_wisdom

发出的红包

实付元

使用余额支付

点击重新获取

扫码支付

钱包余额 0

抵扣说明：

1.余额是钱包充值的虚拟货币，按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载，可以购买VIP、付费专栏及课程。